Harvey Nichols reports cyberattack, data breach

British luxury department store Harvey Nichols reports a cyberattack that caused a data breach of customer information.

Harvey Nichols became aware of the breach on September 16, 2024. The company has not disclosed the exact timeline of when the attackers gained access to their network or whether ransomware was involved. The retailer claims that the vulnerability that allowed the breach has since been fixed, and it has enlisted cybersecurity experts to ensure the security of its systems going forward.

The compromised data includes:

• Full names
• Company names (if provided)
• Phone numbers
• Email addresses
• Home addresses

Harvey Nichols has not disclosed the number of impacted individuals. They claim that financial details or passwords were exposed in the breach. Harvey Nichols emphasized that while there is no evidence of misuse, customers should remain cautious, as the exposed data could be used in phishing or other fraudulent schemes.

Affected customers have either already been notified or are set to receive letters outlining the incident and providing details about the exposed data.